
Latest [Sep 26, 2022] ISO-IEC-27001-Lead-Implementer Exam with Accurate PECB Certified ISO/IEC 27001 Lead Implementer exam PDF Questions
NEW QUESTION 11
What is the best way to comply with legislation and regulations for personal data protection?
- A. Performing a vulnerability analysis
- B. Appointing the responsibility to someone
- C. Performing a threat analysis
- D. Maintaining an incident register
Answer: B
NEW QUESTION 12
Employees and contractors may be provided with an anonymous reporting channel for reporting violations of information security policies or procedures ("whistle blowing").
- A. False
- B. True
Answer: B
NEW QUESTION 13
In the context of contact with special interest groups, any information-sharing agreements should identify requirements for the protection of _________ information.
- A. Availability
- B. Authorization
- C. Authentic
- D. Confidential
Answer: D
NEW QUESTION 14
Prior to employment, _________ as well as terms & conditions of employment are included as controls in ISO 27002 to ensure that employees and contractors understand their responsibilities and are suitable for the roles for which they are considered.
- A. authorizing
- B. controlling
- C. flexing
- D. screening
Answer: D
NEW QUESTION 15
What is the best description of a risk analysis?
- A. A risk analysis is a method of mapping risks without looking at company processes.
- B. A risk analysis calculates the exact financial consequences of damages.
- C. A risk analysis helps to estimate the risks and develop the appropriate security measures.
Answer: C
NEW QUESTION 16
Why is compliance important for the reliability of the information?
- A. When an organization employs a standard such as ISO/IEC 27002 and uses it everywhere, it is compliant and therefore it guarantees the reliability of its information.
- B. Compliance is another word for reliability. So, if a company indicates that it is compliant, it means that the information is managed properly.
- C. When an organization is compliant, it meets the requirements of privacy legislation and, in doing so, protects the reliability of its information.
- D. By meeting the legislative requirements and the regulations of both the government and internal management, an organization shows that it manages its information in a sound manner.
Answer: D
NEW QUESTION 17
What should be used to protect data on removable media if data confidentiality or integrity are important considerations?
- A. cryptographic techniques
- B. a password
- C. logging
- D. backup on another removable medium
Answer: A
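Why the answer is "cryptographic techniques" rather than "a password" becomes concrete when both properties in the question are exercised. The following is an added example, not part of the exam material: it seals a constructed sample file for a removable medium with a passphrase-derived key, using encrypt-then-MAC (PBKDF2 for key derivation, an HMAC-SHA256 counter-mode keystream for confidentiality, and an HMAC tag for integrity), all from the Python standard library. The container format ("RM01" header, salt, nonce, ciphertext, tag) and the PBKDF2 iteration count are assumptions chosen for the example; in practice you would use an established tool or AES-GCM from a vetted library.

```python
"""Added example (not from the exam page): protect a file for removable media so
that both confidentiality and integrity are covered, and show that decrypting
without the integrity check lets a bit flip on the medium pass unnoticed."""
import hashlib
import hmac
import secrets
import struct

MAGIC = b"RM01"          # assumed container marker for this example
PBKDF2_ITERATIONS = 100_000


def derive_keys(passphrase, salt):
    # Slow derivation so a passphrase on a lost USB stick resists offline guessing.
    # 64 bytes are split into a separate encryption key and MAC key.
    master = hashlib.pbkdf2_hmac("sha256", passphrase, salt, PBKDF2_ITERATIONS, dklen=64)
    return master[:32], master[32:]


def keystream(key, nonce, length):
    # HMAC-SHA256 driven in counter mode as a PRF-based stream cipher.
    # Stdlib-only stand-in for a real cipher such as AES-GCM.
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">Q", counter), "sha256").digest()
        counter += 1
    return bytes(out[:length])


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def seal(plaintext, passphrase):
    # Fresh salt and nonce per file; the tag covers the header as well as the ciphertext.
    salt, nonce = secrets.token_bytes(16), secrets.token_bytes(16)
    enc_key, mac_key = derive_keys(passphrase, salt)
    ciphertext = xor_bytes(plaintext, keystream(enc_key, nonce, len(plaintext)))
    header = MAGIC + salt + nonce
    tag = hmac.new(mac_key, header + ciphertext, "sha256").digest()
    return header + ciphertext + tag


def open_sealed(blob, passphrase):
    # Verify integrity first (constant-time compare), then decrypt.
    if len(blob) < 4 + 16 + 16 + 32 or blob[:4] != MAGIC:
        raise ValueError("not a sealed container")
    salt, nonce = blob[4:20], blob[20:36]
    ciphertext, tag = blob[36:-32], blob[-32:]
    enc_key, mac_key = derive_keys(passphrase, salt)
    expected = hmac.new(mac_key, blob[:-32], "sha256").digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("integrity check failed: content altered or wrong passphrase")
    return xor_bytes(ciphertext, keystream(enc_key, nonce, len(ciphertext)))


def unauthenticated_open(blob, passphrase):
    # What "just a password" gives you: same decryption, but the tag is ignored,
    # so any bit flipped on the medium silently changes the recovered data.
    salt, nonce = blob[4:20], blob[20:36]
    ciphertext = blob[36:-32]
    enc_key, _ = derive_keys(passphrase, salt)
    return xor_bytes(ciphertext, keystream(enc_key, nonce, len(ciphertext)))


def verifies(blob, passphrase):
    try:
        open_sealed(blob, passphrase)
        return True
    except ValueError:
        return False


def flip_bit(blob, offset):
    # Simulate corruption or tampering of the stored file at one byte.
    altered = bytearray(blob)
    altered[offset] ^= 0x01
    return bytes(altered)


if __name__ == "__main__":
    sample = b"constructed sample: customer export, 2022-09"   # constructed input
    sealed = seal(sample, b"example passphrase")
    print("round trip ok:", open_sealed(sealed, b"example passphrase") == sample)
    damaged = flip_bit(sealed, 40)   # byte 40 lies inside the ciphertext
    print("authenticated open rejects damage:", not verifies(damaged, b"example passphrase"))
    print("unauthenticated open returns altered data silently:",
          unauthenticated_open(damaged, b"example passphrase") != sample)
```

The tag is checked before any decryption and covers the salt and nonce, so swapping headers between two containers is rejected as well as flipping ciphertext bytes. The unauthenticated path is there only to make the contrast visible; a password-only control (option B) has no way to tell a corrupted medium from an intact one.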
NEW QUESTION 18
Which of the following measures is a preventive measure?
- A. Putting sensitive information in a safe
- B. Installing a logging system that enables changes in a system to be recognized
- C. Shutting down all internet traffic after a hacker has gained access to the company systems
- D. Classifying a risk as acceptable because the cost of addressing the threat is higher than the value of the information at risk
Answer: A
NEW QUESTION 19
True or False: For organizations allowing teleworking activities, the physical security of the building and the local environment of the teleworking site should be considered.
- A. False
- B. True
Answer: B
NEW QUESTION 20
Which is a legislative or regulatory act related to information security that can be imposed upon all organizations?
- A. ISO/IEC 27002:2005
- B. Personal data protection legislation
- C. Intellectual Property Rights
- D. ISO/IEC 27001:2005
Answer: B
NEW QUESTION 21
What is an example of a good physical security measure?
- A. All employees and visitors carry an access pass.
- B. Printers that are defective or have been replaced are immediately removed and given away as garbage for recycling.
- C. Maintenance staff can be given quick and unimpeded access to the server area in the event of disaster.
Answer: A
NEW QUESTION 22
What is an example of a non-human threat to the physical environment?
- A. Fraudulent transaction
- B. Virus
- C. Storm
- D. Corrupted file
Answer: C
NEW QUESTION 23
The company Midwest Insurance has taken many measures to protect its information. It uses an Information Security Management System, the input and output of data in applications is validated, confidential documents are sent in encrypted form and staff use tokens to access information systems. Which of these is not a technical measure?
- A. Validation of input and output data in applications
- B. Information Security Management System
- C. Encryption of information
- D. The use of tokens to gain access to information systems
Answer: B
NEW QUESTION 24
Which of these reliability aspects is "completeness" a part of?
- A. Availability
- B. Confidentiality
- C. Exclusivity
- D. Integrity
Answer: D
NEW QUESTION 25
You apply for a position in another company and get the job. Along with your contract, you are asked to sign a code of conduct. What is a code of conduct?
- A. A code of conduct is a standard part of a labor contract.
- B. A code of conduct differs from company to company and specifies, among other things, the rules of behavior with regard to the usage of information systems.
- C. A code of conduct specifies how employees are expected to conduct themselves and is the same for all companies.
Answer: B
NEW QUESTION 26
What are the data protection principles set out in the GDPR?
- A. Target group, proportionality, transparency, data minimisation
- B. Purpose limitation, proportionality, data minimisation, transparency
- C. Purpose limitation, proportionality, availability, data minimisation
- D. Purpose limitation, pudicity, transparency, data minimisation
Answer: B
NEW QUESTION 27
What is the greatest risk for an organization if no information security policy has been defined?
- A. Too many measures are implemented.
- B. Information security activities are carried out by only a few people.
- C. If everyone works with the same account, it is impossible to find out who worked on what.
- D. It is not possible for an organization to implement information security in a consistent manner.
Answer: D
NEW QUESTION 28
ISO 27002 provides guidance in the following area
- A. Detailed lists of required policies and procedures
- B. PCI environment scoping
- C. Framework for an overall security and compliance program
- D. Information handling recommendations
Answer: C
NEW QUESTION 29
What is the objective of classifying information?
- A. Authorizing the use of an information system
- B. Creating a label that indicates how confidential the information is
- C. Displaying on the document who is permitted access
- D. Defining different levels of sensitivity into which information may be arranged
Answer: D
NEW QUESTION 30
What is the most important reason for applying the segregation of duties?
- A. Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.
- B. Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.
- C. Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.
- D. Segregation of duties makes it clear who is responsible for what.
Answer: B
NEW QUESTION 31
......